WazirX Loses $230 Million in Suspected DPRK Hack

2024-07-19 12:02:29 UTC | defi.io/0wv
WazirX lost funds exceeding $230 million in yesterday's attack, which Elliptic has said is linked to North Korea-based hackers.

The attack that caused WazirX, the largest crypto exchange in India, to lose more than $230 million has been attributed to North Korea-based actors by cybersecurity firm Elliptic.

Meanwhile, WazirX has published its own analysis of the exploit in a July 18 preliminary incident report and on Friday morning wrote on Twitter that it has filed a police report.

WazirX explained in its report that the incident saw one of the firm's multi-signature wallets send funds to a non-whitelisted address. The firm says this happened because a whitelisted address was shown on the interface of multi-signature asset custody platform Liminal, even though the funds were really being sent to a different address.

According to the Liminal team, WazirX's multi-sig wallets were created "outside of the Liminal ecosystem." In its own report on Twitter, the team said that "Liminal’s platform is not breached and Liminal’s infrastructure, wallets and assets continue to remain safe."

This seems to suggest that the client device used to access Liminal's multi-signature asset management platform might have been breached in order to display an address different than the one it should have. Still, WazirX claims that the "whitelisted addresses were earmarked and facilitated on the interface by Liminal."

WazirX wrote in its report that the attack stemmed from "a discrepancy between the data displayed on Liminal’s interface and the transaction’s actual contents." The crypto exchange says it witnessed a mismatch between the information displayed on Liminal’s interface and what was actually signed.

"We suspect the payload was replaced to transfer wallet control to an attacker," WazirX wrote.

The exchange seems to be suggesting a failure on the custody service provider's part in approving a transaction with their multisignature address that went to a non-whitelisted address. Still, Liminal's report suggests that the multisignature wallet itself was compromised and that it was created outside the firm's purview, which could put the responsibility solely on the exchange.

Neither WazirX nor Liminal immediately responded to a request for comment from Decrypt.

Elliptic estimates the loss to be about $235 million, composed of more than 200 different assets. That includes about $97 million worth of Shiba Inu (SHIB), $52.6 million worth of Ethereum (ETH), $11 million of Polygon (MATIC), and $7.6 million of Pepe (PEPE).

A portion of those assets were already swapped for ETH using a number of decentralized exchanges, an expected first step in laundering hack proceeds. "On-chain analysis and other information reviewed by Elliptic indicates that this hack was perpetrated by hackers affiliated with North Korea," Elliptic wrote.

DPRK Special Representative of the Foreign Ministry Alejandro Cao de Benos de Les Perez did not immediately respond to a request for comment from Decrypt.

Edited by Stacy Elliott.

Source: decrypt.co
